<%@LANGUAGE="VBSCRIPT" CODEPAGE="936"%>
<!--#include file="inc/conn.asp"-->
<!--#include file="inc/admincheck.asp"-->
<%if session("admin")="" then
response.Write "<script language='javascript'>alert('网络超时或您还没有登陆！');window.location.href='login.asp';</script>"
response.End
else
if session("flag")>1 then
response.Write "<p align=center><font color=red>您没有此项目管理权限！</font></p>"
response.End
end if
end if
%>
<!--#include file="inc/md5.asp"-->
<!--#include file="inc/meta.asp"-->
<%dim action,adminid
action=request.QueryString("action")
adminid=request.QueryString("adminid")
admin=trim(request("admin"))
select case action
'//edit
case "edit"
set rs=server.CreateObject("adodb.recordset")
rs.Open "select * from admin where adminid="&adminid,conn,1,3
if trim(request("password"))="" then
	response.Write "<script LANGUAGE='javascript'>alert('修改管理员设置需要输入密码！');history.go(-1);</script>"
	response.end
else
	if md5(trim(request("password")))<>rs("password") then
		response.Write "<script LANGUAGE='javascript'>alert('密码输入错误！');history.go(-1);</script>"
		response.end
	else	
		rs("flag")=int(request("flag"))
		rs.Update
		response.Write "<script LANGUAGE='javascript'>alert('管理员设置修改成功！');history.go(-1);</script>"

		response.end
	end if
end if
rs.Close
set rs=nothing

'//add
case "add"
set rs=server.CreateObject("adodb.recordset")
rs.open "select * from admin",conn,1,3
rs.addnew
rs("admin")=trim(request("admin2"))
rs("password")=md5(trim(request("password2")))
rs("flag")=int(request("flag2"))
rs.update
rs.close
set rs=nothing
response.Write "<script LANGUAGE='javascript'>alert('添加管理员成功！');history.go(-1);</script>"
response.Redirect "admin_manage.asp"
response.End
'//del
case "del"
conn.execute ("delete from admin where adminid="&request.QueryString("adminid"))
response.Redirect "admin_manage.asp"
end select
%>
<%call CloseConn()%>
</html>